package com.csaba.connector.khb;

import org.apache.http.NameValuePair;

import com.csaba.connector.BankService;
import com.csaba.connector.ServiceException;
import com.csaba.connector.khb.model.KHBBank;
import com.csaba.connector.khb.model.KHBSession;
import com.csaba.connector.model.Session;
import com.csaba.connector.service.AbstractBankService;

public class KHBSMSOTPValidationService extends AbstractBankService implements BankService, Codes
{
	private String smsotp;

	@Override
	public void execute( final Session session ) throws ServiceException
	{
		if ( !( session instanceof KHBSession ) )
			throw new ServiceException("Incompatible session " + KHBBank.class + " != " + session.getClass().getName());
		if ( smsotp == null )
			throw new ServiceException("Service is not yet inicialized.");

		final KHBSession khb = (KHBSession) session;

		// implement SMS OTP Validation here
		final NameValuePair[] smsParams = (NameValuePair[]) session.getRemoteProperty(RP_LOGIN_OTPFORM);

		/*new NameValuePair("fun", FUN_LOGIN_SMS),//
		new NameValuePair("sign", "0b5b5ee3cbdb91626a04d2003e18f7864f04f61a"),//see below
		new NameValuePair("sign_this", "5BE4366252D3"),//comes from hiden field resulted in PRESMS request
		new NameValuePair("lang_id", "hu"),//
		new NameValuePair("pg_id", "47FDE732"),//comes from hiden field resulted in PRESMS request
		new NameValuePair("nonstandard", "00ED00E1"),//see below
		new NameValuePair("logintype", "e-bank SMS azonosítással"),//comes from hiden field resulted in PRESMS request
		new NameValuePair("lite_password", ""),//this is the password field, but the content is encoded by javascript, so the value comes in the sign or nonstandard fields.
		new NameValuePair("submit1", "belépés"),//ID of the button to press
		*/
		// Algorythm to get _sign_ variable:
		//  - concatinate name-value pairs as follows: sign_this=xxx|logintype=yyy|lite_password=zzz
		final String signThis = Util.getPair(smsParams, "sign_this").getValue();
		final String logintype = Util.getPair(smsParams, "logintype").getValue();
		final String concatinated = "sign_this=" + signThis + "|logintype=" + logintype + "lite_password=" + smsotp;

		//  - escape it: use escapeIt() method
		final String escaped = Util.escapeIt(khb, concatinated);
		//  - generate _nonstandard_ using the tellNonStandard() with the same seed
		Util.setPairValue(smsParams, "nonstandard", Util.tellNonStandard(khb, concatinated));
		//  - generate _sign_ using hex_sha1() method: Util.hexSha1()
		Util.setPairValue(smsParams, "sign", Util.hexSha1(khb, escaped));

		//url: /Ebank2%3Ffun%3D0.0.L.L%26dummy%3D1224935913451
		final String smsResult = khb.doPost(Codes.URL_RETAIL_ROOT, smsParams);
		khb.debugFile("welcome", smsResult);

		//at the end set otp in the session
		session.setRemoteProperty(Codes.RP_SMSOTP, smsotp);

		//FIXME test it
		//FIXME extract customer name from the welcome page.
		//FIXME sign form from session
	}

	public void setSmsotp( final String smsotp )
	{
		this.smsotp = smsotp;
	}

}
